Date: Mon, 7 Jan 2013 07:22:31 +0100 (CET) From: Thomas-Martin Seck <tmseck@web.de> To: FreeBSD-gnats-submit@freebsd.org Cc: rea@freebsd.org Subject: ports/175084: [Maintainer] [Security] www/squid31: integrate vendor fix for CVE-2012-5643 Message-ID: <20130107062231.A9B45130D04@wcfields.tmseck.homedns.org> Resent-Message-ID: <201301070630.r076U0LP029022@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 175084 >Category: ports >Synopsis: [Maintainer] [Security] www/squid31: integrate vendor fix for CVE-2012-5643 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Mon Jan 07 06:30:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Thomas-Martin Seck >Release: FreeBSD 8.3-RELEASE amd64 >Organization: a private site in Germany >Environment: FreeBSD ports collection as of January 07, 2013. >Description: Add an additional vendor patch to fix the DoS condition in cachemgr.cgi (SQUID-2012:1, CVE-2012-5643). >How-To-Repeat: >Fix: Apply this patch: Index: Makefile =================================================================== --- Makefile (.../www/squid31) (Revision 2092) +++ Makefile (.../local/squid31) (Revision 2092) @@ -1,6 +1,9 @@ -# Created by: Adrian Chadd <adrian@FreeBSD.org> -# $FreeBSD: ports/www/squid31/Makefile,v 1.268 2012/12/10 15:19:19 svnexp Exp $ +# New ports collection makefile for: squid24 +# Date created: Tue Mar 27 14:56:08 CEST 2001 +# Whom: Adrian Chadd <adrian@FreeBSD.org> # +# $FreeBSD: ports/www/squid31/Makefile,v 1.266 2012/11/18 16:55:52 svnexp Exp $ +# # Tunables not (yet) configurable via 'make config': # SQUID_{U,G}ID # Which user/group Squid should run as (default: squid/squid). @@ -78,7 +81,7 @@ http://www1.jp.squid-cache.org/%SUBDIR%/ \ http://www2.tw.squid-cache.org/%SUBDIR%/ PATCH_SITE_SUBDIR= Versions/v3/3.1/changesets -PATCHFILES= # empty +PATCHFILES= squid-3.1-10483.patch MAINTAINER= tmseck@web.de COMMENT= HTTP Caching Proxy @@ -254,7 +257,7 @@ libexec+= digest_ldap_auth squid_ldap_auth squid_ldap_group .endif .if defined(WITH_SQUID_SASL_AUTH) -LIB_DEPENDS+= sasl2:${PORTSDIR}/security/cyrus-sasl2 +LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2 CFLAGS+= -I${LOCALBASE}/include CPPFLAGS+= -I${LOCALBASE}/include LDFLAGS+= -L${LOCALBASE}/lib Index: distinfo =================================================================== --- distinfo (.../www/squid31) (Revision 2092) +++ distinfo (.../local/squid31) (Revision 2092) @@ -1,2 +1,4 @@ SHA256 (squid3.1/squid-3.1.22.tar.bz2) = 16fe2313f981ede1c945eebe3743d8f835e724c6dae296bfc1200af555549424 SIZE (squid3.1/squid-3.1.22.tar.bz2) = 2560270 +SHA256 (squid3.1/squid-3.1-10483.patch) = ac871ad6e078ecc0f2ef0d32f7cbca26a1472d976e749177e60ee644878b0f42 +SIZE (squid3.1/squid-3.1-10483.patch) = 1746 >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130107062231.A9B45130D04>